package com.itheima.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
@RequestMapping("hello")
public class HelloController {
    @RequestMapping("add")
    @PreAuthorize("hasAuthority('add')")//调用此方法要求用户必须具有add添加权限
    public String add(){
        System.out.println("add...");
        return "success";
    }

    @RequestMapping("delete")
    @PreAuthorize("hasAnyRole('ROLE_ADMIN')")//调用此方法要求用户必须具有delete权限
    public String delete(){
        System.out.println("delete...");
        return "success";
    }

}
